Upload
emerald-taylor
View
218
Download
3
Embed Size (px)
Citation preview
1
Computers and Society Security and Privacy
2
Identify the various types of security risks that can threaten
computers
Describe ways to safeguard a computer
Know how a computer virus works and the steps individuals
can take to prevent viruses
Understand how to create a good password
Identify various biometric devices
Recognize that software piracy is illegal
Explain why encryption is necessary
Know why computer backup is important and how it is
accomplished
Discuss the steps in a disaster recovery plan
Understand ways to secure an Internet transaction
List ways to protect your personal information
Objectives
3
What is a computer security risk? Any event or action
that could cause a loss of or damage to computer hardware, software, data, information, or processing capability
May be accidental or planned
Intentional breach of computer security often involves a deliberate act that is against the law
Computer crime
Any illegal act involving a computer
Cyber crime
Online or Internet-based
illegal acts
Safeguard
A protective measure you can take to
minimize or prevent security risks
4
What is a computer virus? A potentially damaging computer program
that affects, or infects, your computer negatively by altering the way computer works without your knowledge or permission
A segment of program code from some outside source that implants itself in a computer
Once in the computer it can spread throughout and may damage your files and operating system
5
What are the ways viruses can be activated? Opening an infected file Running an infected program Booting the computer with an infected
floppy disk in the disk drive
6
What is the source of a virus? Written by a programmer, known as a virus
author Some write viruses as a challenge Others write viruses to cause destruction
7
Boot sector virus
• Sometimes called a system virus
• Executes when a computer boots up
• Resides in the boot sector of a floppy disk or the master boot record of a hard disk
What are the three main types of virus?
File virus
• Sometimes called a program virus
• Attaches itself to program files
• When you run the infected program, the virus loads into memory
Macro virus
• Uses the macro language of an application, such as word processing or spreadsheet, to hide virus code
• When you open a document that contains an infected macro, the virus loads into memory
8
How do viruses activate?
Many activate as soon as a computer accesses an infected file or runs an infected program
Logic bomb
A virus that activates when it detects a certain condition
Time bomb
A type of logic bomb that activates on a particular date
9
A program that acts without a user’s knowledge
Deliberately alters the computer's operations
Also called malware Several types• virus• worm• Trojan horse
Worm
A malicious-logic program that copies itself repeatedly in memory or on a disk drive until no memory or disk
space remains
Trojan horse
A malicious-logic program that hides within or looks like a legitimate program
and is usually triggered by a certain condition or action
Unlike a virus or worm, it does not replicate itself to other computers
What is a malicious-logic program?
10
How can you safeguard your computer from virus attacks? Install an antivirus
program and upgrade it frequently
An antivirus program identifies and removes any computer viruses found in memory, on storage media, or on incoming files
Most antivirus programs also protect against worms and Trojan horses
Popular antivirus software packages
11
What does an antivirus program do? Detects and identifies
viruses Inoculates existing program
files Removes or quarantines
viruses Creates a rescue disk
12
How does an antivirus program scan for a virus? Scans for programs that attempt to modify the
boot program, the operating system, and other programs that normally are read from but not modified
Many also scan • Files you download from the Web• E-mail attachments• Files you open• All removable media
13
What is a virus signature? A known specific pattern of virus code Also called a virus definition Antivirus software uses signature files to identify viruses You should update the signature files to include patterns
for newly discovered viruses Many antivirus programs contain an auto-update feature
14
How does an antivirus program inoculate a program file? The antivirus program records information
about the files in a separate inoculation file• File size
• File creation date
The antivirus program uses this information to detect if a virus tampers with the inoculated program file
15
What does an antivirus program do once it detects a virus?
Removes the virus if possible Quarantines the infected file
• Quarantine: a separate area of a hard disk that holds the infected file until you can remove its virus
16
What is a rescue disk? A removable disk that contains an
uninfected copy of key operating system commands and startup information
Also called an emergency disk Enables the computer to restart correctly Created by most antivirus programs Upon startup the rescue disk finds and
removes the boot sector virus
17
Access control• A security measure that defines
who can access a computer, when they can access it, and what actions they can take while accessing the computer
Two-phase process of access control• Identification verifies that you
are a valid user• Authentication verifies that you
are who you claim to be Four methods exist
User names and passwords
Possessed objects
Biometric devices
Callback systems
How can unauthorized access and use be prevented?
18
What is a user name?
A unique combination of characters that identifies one specific user
Also called a user ID A password is a secret combination of
characters associated with the user name that allows access to certain computer resources
19
What is a possessed object? Any item that you must carry to gain access to a
computer or computer facility• Badges• Cards• Keys
Often used in combination with a personal identification number (PIN)• A numeric password, either assigned by a
company or selected by you
20
What is a biometric device? Authenticates a person’s
identity by verifying personal characteristics
Grants access to programs, systems, or rooms using computer analysis of some biometric identifier
Translates a person’s characteristics into a digital code that is compared to a digital code stored in the computer
Biometric identifier
A physical or behavioral characteristic
• Fingerprints
• Hand geometry
• Facial features
• Voice
• Signatures
• Retinal (eye) patterns
21
What is a fingerprint scanner? Captures curves and indentations of a fingerprint Some predict this will become the home user’s
authentication device for e-commerce transactions Some newer keyboards and notebook computers
have a fingerprint scanner built into them Some cost less than $100
22
What is a hand geometry system?
Measures the shape and size of a person’s hand Typically used as a time and attendance device
by large companies Costs more than $1,000
23
What is a face recognition system?
Captures a live face image and compares it to a stored image to determine if the person is a legitimate user
Used by some notebook computers to safeguard the computer
Can recognize people with or without glasses, makeup, or jewelry, and with new hairstyles
24
What are two other verification systems?
Voice verification system
Compares a person’s live speech to their stored voice
pattern
• Time and attendance devices
• Controls access to sensitive files and networks
• Secures telephone banking transactions
Signature verification system
Recognizes the shape of your handwritten signature, as well as pressure exerted
and the motion used to write the signature
Uses a specialized pen and tablet
25
What is an iris verification system? Reads patterns in the tiny blood vessels in
the back of the eye Very expensive Used by government security organizations,
the military, and financial institutions that deal with highly sensitive data
26
An access control method that some systems utilize to authenticate remote users
You can connect to a computer only after the computer calls you back at a previously established telephone number
Works best for users who regularly work at the same remote location
You call the computer
You enter a user name and password
If these are valid, the computer instructs
you to hang up
What is a callback system?
The computer calls you back and allows
you to connect to the system
27
What is hardware theft and vandalism?
Theft is the act of stealing computer equipment
Vandalism is the act of defacing or destroying computer equipment
Prevent with physical access controls• Locked doors and windows• Alarm systems
Physical security devices• Cables that lock the equipment to a
desk, cabinet, or floor
28
What precautions can prevent theft of mobile equipment? Common sense Constant awareness of
risk Never leave a notebook
computer unattended in a public place
May use a physical device to temporarily lock a mobile computer to a desk or table
Precautions in case of theft
• Back up the files stored on your notebook computer regularly
• Use passwords, possessed objects, or biometrics to render the computer useless if stolen
• Some handheld computers allow you to display your name and telephone number
• Others allow you to encrypt data in the device
29
When you purchase software, you do
not own the software. Instead,
you become a licensed user
What is software theft? Can range from someone
physically stealing media that contains software to intentional piracy of software
Software piracy is the unauthorized and illegal duplication of copyrighted software
30
What is information theft? Occurs when someone
steals personal or confidential information
Often linked to other types of computer crime
Several methods used to protect against information theft
Implement user identification and
authentication controls to protect
information on computers located on a company’s premises
Encrypt sensitive data
31
What is encryption? The process of
converting readable data into unreadable characters to prevent unauthorized access
Encrypted data can be stored or sent as an e-mail message
To read the data, the recipient must decrypt it
An encryption key is the formula that the recipient of the data uses to decrypt cipher text
Plaintext
Unencrypted, readable data
Cipher text
The encrypted (scrambled) data
encryption software
Plaintext
encryption key
32
What are some data encryption methods? An encryption key (formula) often uses more than one of
these methods
33
Public key encryption
• Uses two encryption keys: a public key and a private key
• Public key encryption software generates both your private key and public key
• Public keys are made known to those with which you communicate
• The private key is kept confidential
Private key encryption
• Both the originator and recipient use the same secret key to encrypt and decrypt the data
• The most popular private encryption system is the data encryption standard (DES). The U.S. government is a primary user of DES.
What are two basic types of encryption?
34
Step 1: Sender creates document to be e-mailed to receiver.
Sender (Joan)
message to be sent
Step 2: Sender uses receiver’s public key to encrypt a message.
Sender (Joan)
message to be sent
public key
encrypted message
Step 3: Receiver uses his or her private key to decrypt the message.
Sender (Joan)
message to be sent
public key private key
encrypted message
Step 4: Receiver can read or print the decrypted message.
Sender
(Ali)
Receiver (Mohammed)
message to be sent
decrypted message
public key private key
encrypted message
How does public key encryption work?
35
The prolonged malfunction of a computer
Can cause the loss of hardware, software, data, or information
aging hardware
natural disasters such as fires,
floods, or storms
random events such as electrical power
problems
What is a system failure?
36
What is an uninterruptible power supply (UPS)?
A device that contains surge protection circuits and one or more batteries that can provide power during a temporary or permanent loss of power
A standby UPS switches to battery power when a problem occurs in the power line• Also called an offline UPS
Online UPS always runs off the battery• Provides continuous protection
37
What is a backup? A duplicate of a file, program,
or disk that can be used if the original is lost, damaged, or destroyed
To back up a file means to make a copy of it
You restore the files by copying the backed up files to their original location on the computer
Keep backup copies in a fireproof and heatproof safe or vault, or offsite
Offsite
A location separate from the computer
site
38
Internet and Network Security
Why is Internet and network security important? Information
transmitted over networks has a higher degree of security risk
Employs many security techniques discussed thus far
Securing Internet transactions
Securing e-mail
messages
Firewalls
39
Internet and Network Security
How do Web browsers provide secure data transmission? Many Web browsers use
encryption A Web site that uses
encryption techniques to secure its data is known as a secure site
Secure sites use digital certificates along with a security protocol
Digital certificate
Also called a public-key certificate
A notice that guarantees a user or a Web site is legitimate
40
Secure Electronic Transaction (SET)
Specification uses a public-key encryption to
secure credit-card transaction systems
Secure HTTP (S-HTTP)
Allows you to choose an encryption scheme for
data that passes between a client and a server
The client and server both must have digital
certificates
More secure than SSL
Internet and Network Security
What are other secure encryption techniques?
41
Internet and Network Security
What is a digital signature? Also called a digital ID An encrypted code that a person, Web site, or
company attaches to an electronic message to verify the identity of the message sender
The code usually consists of the user's name and a hash of all or part of the message
Helps to prevent e-mail forgery and verify that the contents of a message has not changed
Hash
A mathematical formula that generates a code from the contents of the message
42
Internet and Network Security
What is a firewall? A security system consisting of
hardware and/or software that prevents unauthorized access to data and information on a network
Many large companies route all communications through a proxy server to implement a firewall
Firewalls use a variety of screening techniques• Check domain name or IP
address• Require digital signatures
Proxy server
A server outside the company’s network that controls which
communications pass into the company’s
network
43
Internet and Network Security
What are some popular personal firewall products?
44
Track user preferences
Information Privacy
What is a cookie? A small file that a Web
server stores on your computer
Typically contains data about you
A Web site can read data only from its own cookie file
Some Web sites sell or trade information stored in your cookie to advertisers
Track how regularly you visit a site and the Web pages you
visit when at the site
Target advertisements to your interests and browsing habits
45
Information Privacy
How can you set your browser to control cookies?
You can set your browser to accept cookies automatically, prompt you if you wish to accept a cookie, or disable cookie use
Many Web sites do not allow you to access features if you disable cookie use
46
Information Privacy
What is spyware? A program placed on a
computer without the user's knowledge that secretly collects information about the user
Can enter your computer as a virus or as a result of installing a new program
Communicates information it collects to some outside source while you are online
Adware
Spyware used by Internet advertising
firms to collect information about a
user’s Web browsing habits
To remove spyware, you
need to purchase a special program
that can detect and delete it
47
Information Privacy
What is spam? An unsolicited e-mail message or newsgroup
posting sent to many recipients or newsgroups at once
Internet junk mail
48
Anti-spam program
Attempts to remove spam
Sometimes removes valid e-mail messages
Information Privacy
E-mail filtering
A service that blocks e-mail messages from designated
sources
Collects spam in a central location that you can view,
at any time
How can you control spam?
49
Information Privacy
What is filtering software? Also called an Internet filtering program Software that can restrict access to specified
Web sites Some filter sites that use specific words Others allow you to filter e-mail messages and
chat rooms